PrepAway - Latest Free Exam Questions & Answers

Which of the following is the MOST likely risk in this …

A security consultant discovers that an organization is using the PCL protocol to print documents, utilizing the default driver and print settings.
Which of the following is the MOST likely risk in this situation?

PrepAway - Latest Free Exam Questions & Answers

A.
An attacker can access and change the printer configuration.

B.
SNMP data leaving the printer will not be properly encrypted.

C.
An MITM attack can reveal sensitive information.

D.
An attacker can easily inject malicious code into the printer firmware.

E.
Attackers can use the PCL protocol to bypass the firewall of client computers.

PrepAway - Latest Free Exam Questions & Answers

7 Comments on “Which of the following is the MOST likely risk in this …

  1. JayWalkerIT says:

    B doesn’t have anything to do with people using PCL.
    The risk of PCL is the information being sent to the printer can be captured encrypted. So B is the best answer.




    10



    5
  2. meac says:

    JohnnyMac URL = https://esj.com/articles/2009/04/28/print-stream.aspx funily enough says that the PCL Protocol has issues with unencrypted data.

    Unencrypted Print Data are Easy Prey

    Unencrypted print data are a weakness in every IT security environment because without encryption, all printing protocols transmit print data as (more or less) readable, clear text. The printer command languages PCL (Printer Control Language) and Postscript are page-description protocols that include the document information in clear text in addition to control and command characters. Reading a text transmitted in ASCII format is even simpler.

    Hackers need only a simple sniffer application — which they can download from the Internet — to record print data during transmission. They can easily find freeware applications that enable them to read this data — even in the format of the original document. Attackers can manipulate and resend this data with agent software to redirect print data coming from other clients to the sniffer, then manipulate the original data with a simple editor and print it via the Windows LPR command. Common printing protocols (LPD/LPR/Sockets, SMB/CIFS etc.) cannot encrypt print data and offer no protection.

    So this means that : B- SNMP data leaving the printer will not be properly encrypted.




    9



    1
  3. ezspader says:

    I don’t understand what SNMP has to do with print jobs being sent to the printer. If the print data is not encrypted, can’t a MITM read it with ease, thus revealing sensitive information?

    Someone please tell me what I am missing here.




    2



    1

Leave a Reply